Corus Hotels operates and manages the Corus Hotels websites. We at Corus Hotels value the trust placed in us by guests, patrons, visitors, suppliers and colleagues (“customers”) who give us their personal data. Data Security is of the highest priority for us. We have mandated our IT service providers to safeguard against any breach. Our IT service provider’s link and their Data Security Policy and Protocol is available on our GDRP Portal.
We aim to be as clear as possible about what we do with personal data and why we do it.
Corus Hotels are committed to the online privacy of all its users.
Corus Hotels’ website is run by Corus Hotels Ltd and its web design and content management partners (“we“, “us“, “our“).
Corporate and Commercial Individual Data
Corus Hotels makes a distinction between corporate and commercial data of individuals and their corporate and commercial emails and that of personal data and emails. Corporate and commercial data, including individual corporate and commercial emails, are retained on the basis of legitimate interest to facilitate the ordinary of our business and commercial relationships and transactions and business needs in the course of business dealings.
Individuals with corporate or commercial emails may at any time write to the Data Processing Officer at DPO@corushotels.com and/or to the address provided below to remove retention of their data.
This can result in Corus Hotels no longer being able to communicate or transact with any such individual and may request a company or body corporate dealing with us to nominate another person expressly willing to receive communication and their corporate and commercial individual data to be retained in the course of business dealings subject always to the person’s individual rights as set out herein. It shall be the responsibility of each company or body corporate to establish the express consent of persons acting on their behalf.
Information We Collect
You can easily change your registration details through the account facilities available on the website or by getting in touch with our Data Protection Officer at the address below.
When a booking is made on our website we will collect data with respect to the guest name(s), date of arrival, number of rooms, number of nights, room type, room rate and payment details (card type, name, number, expiry date, CVV, address). We are not responsible for the accuracy of the payment and type of room details and the guest is solely responsible for checking these details.
User name and password – You may check the ‘REMEMBER ME’ Box and uncheck it at any time. Our IT systems are designed to collect and store your user name and password to enable you to log-in easily without having to complete your personal details each time should you chose to set up an account with us. If you do not choose to set up an account with us we will not retain your user name or password.
Name, address and postcode – We collect this information to know who you are and to enable us to link your booking to your room, your place of origin and how to contact your next of kin in case of emergency or supply the relevant UK Government security agencies with the information they may require and which we are legally obliged to do. We also use postcodes to quickly get your full address to save you typing it out. We have provided an Opt-out box for you to opt-out of this data retention at any time.
Business information – We keep records such as employer details and job title, particularly from our corporate customers
Purchase history – We may retain your transaction history with us, including the hotels that you have stayed in, activities on site (e.g. food purchases and Wi-Fi use) and the date(s) of your stay;
Age / date of birth – we may occasionally need to collect your age or date of birth to be able to send you birthday related offers if you have agreed to receive marketing communications.
Email address – We send a confirmation of your order or booking via email as well as other service related communication. If you have agreed to receive marketing communications these may also be sent by email.
Telephone numbers – if there are any problems with your order or we need to check anything, we need to be able to contact you quickly.
Payment card number, expiry date, issue no and name of card holder – A payment card is required in order to register for an online account. We retain your payment card information for the duration of the time you hold an account with us. This is necessary to enable payment, to process refunds and in order to help us monitor fraudulent activity on accounts.
Where you heard about us – We may ask you this to help make our marketing more efficient.
Customer Communication – If you contact us we may keep a record of that correspondence. We also retain Customer communication preferences and keep record of Customer feedback.
IP addresses – When you visit our site, we will automatically receive your IP address, a unique identifier for your computer or other access device.
You may also provide us with personal information if you contact customer services, if you enter promotions or competitions run by us or if you get in touch with us in some other way, for example by way of an email facility provided on the website.
How we use the information we collect
We may use your information for the following purposes:
- Administration and management of room and restaurant bookings and our hotels and restaurants;
- Processing transactions;
- Administration of our Digital Channels, including in respect of our registered users, who may also store a personal identification number online to easily access and apply room preferences and personal details when booking through our automated telephone service;
- Administration and management of our competitions, promotions and prize draws – you should check the applicable terms and conditions of the competition, promotion or prize draw for further information;
- Sending you communications about our products and services that we think may be of interest to you. We may also send you service information communications (e.g. reservation/booking confirmation).
- Business, website and consumer analysis and reporting; and
- Correspondence between us, including where you use our ‘Contact us’ form or where you agree to receive post-stay questionnaires (if applicable) and to facilitate your arrival pre-stay communication (if required).
Marketing – we would like to contact you with our product and services and offers and promotion. If you consent for us to occasionally contact you, you will be asked to expressly consent by checking the relevant box provided. You can uncheck the box or Opt-Out to any email at any time or click on the unsubscribe link provided at the end of each email. Please also read our section on Marketing Research below. When you do so we will not contact you thereafter.
Customer care and correspondence – as part of our customer care procedures, we may follow-up, either by letter, phone, SMS or email, customers who have stayed at our hotels or purchased goods or services from our website or who have posted comments about Corus Hotels on the internet, for example to resolve a complaint or to ask for a testimonial.
Market research – from time to time, we may also use your information to contact you for market research purposes. If you check your consent for us to contact you for marketing purposes, we may contact you by letter, phone, SMS or email. You can uncheck this section at any time if you no longer wish for us to contact you for this purpose. We will not contact you for any marketing research thereafter.
Website improvement – to help us design our website and improve your experience, we may collect information about the way you use and access our website. Our web system collects information about each visitor, including IP address, the length of time spent on the website and the order in which pages are visited. We may employ third party experts to help us look at this information. However, we make sure that anyone we employ treats all information with the same sensitivity and security that we treat it. This is explained in more detail in the cookies section below.
Fraud Prevention – we will only share your data with law enforcement or regulatory agencies when requested.
Our sites use a number of different cookies. Below we explain the cookies we use and why we use them.
What is a cookie?
Cookies we use and why we use them
What is a cookie?
A cookie is a small text file that may be placed on your device when you visit our sites. When you next visit our sites the cookie allows us to distinguish you from other users.
There are two broad categories of cookies:
- Persistent cookies
Persistent cookies remain on your device until deleted manually or automatically.
- Session cookies
Session cookies remain on your device until you close your browser when they are automatically deleted.
Cookies we use and why we use them
- Essential cookies
Essential cookies are technical cookies that are required for the operation of our sites. Without essential cookies our sites can’t operate properly. Essential cookies include, for example, cookies that enable you to log into secure areas.
- Performance cookies
Performance cookies allow us to recognise and count the number of visitors to our sites and to see how visitors move around them. This helps us to improve the way our sites work by enabling us to tailor our sites to the way visitors use them. The information we collect from performance cookies is aggregated which means that we cannot identify you from it.
- Experience cookies
Experience cookies allow our sites to remember the choices you make. Our sites use experience cookies to provide you with enhanced and personalised features. For example, we use information collected through what are known as “web-analytic” cookies to compare the choices you make to those of our other customers so that we can learn from those choices.
Information collected by experience cookies cannot track your browsing activity when you leave our sites to browse other sites.
- Marketing cookies
Marketing cookies record your visits to our sites, the pages you have visited and the links you have followed. We use this information to make our sites and the advertising displayed on them more relevant to your interests. For example, sometimes we use marketing cookies to limit the number of times that you see an advert. Sometimes we share information about your browsing activity (which we have collected from cookies) with our advertising partners. They may use this information to advertise products, which may interest you, on other sites.
See our Cookies Policy by clicking on this link:
You have a right to access the personal information that is held about you. Please refer to details of your right by click on this link Guest Access Rights on our GDPR Portal. To obtain a copy of the personal information Corus Hotels holds about you, please email us at DPO@corushotels.com enclosing your postal details and the details of your request.
Alternatively, you can write to us at the following address:
Data Protection Officer
Corus Hotels Ltd
1 Auckland Park
Security – at Corus Hotels, information security is very important to us and we have taken many steps to make sure personal data is secure. Information about you will be kept safe and secure. In order to prevent unauthorised access or disclosure of your information, we have put in place suitable physical, electronic and managerial procedures to protect and secure information that is collected online.
Payment Card Security – we use Lloyds Bank plc, Global Blue Service Company Austria GmbH and Bank of China (UK) Limited and the latest SSL (Secure Sockets Layer) technology to make sure that the details you provide when placing an order are kept private and secure, making shopping on our website safe. Our secure server encrypts your credit or debit card number details along with your personal information and changes them into bits of code that are then securely sent over the internet. Your browser will show when you are in a secure environment by displaying either a locked padlock or an image of a key in the grey bar at the bottom of the page; it may also warn you when you are entering a secured environment as you go to place your order.
Security in our offices – access to your information is restricted in our Hotels and offices. Only authorised employees who need the information to perform a specific job are granted access to personally identifiable information. The servers that store this information are kept in a secure environment at our Head Office and protected by a Key Access that is retained by the Office Manager and the Finance Director at the Corus Head Office.
Purchase Guarantee – we are so confident about security on our website that when you transact with us we back each of your credit card purchases with a guarantee. In the unlikely event that unauthorised use is made of your credit card, most card issuers either cover all the charges that result from the unauthorised use or may limit your liability to £50. If your credit card issuer holds you liable for any of this £50 we will reimburse you up to the full £50. This guarantee only applies where the unauthorised use is as a direct result of giving us your credit card details on our secure server and not through your own fault.
Our notification Plan in the event of a Data Breach
The Data Protection Officer at Corus Hotels Ltd shall promptly within 48 business hours or immediately after a weekend or a business day after a bank holiday notify the Information Commissioner’s Office and the affected party:
- of any data breach and the circumstances of such breach;
- the circumstances of such breach;
- the steps taken to remedy the breach and
- prevent similar recurrence.
Notification of Changes to This Policy
We want to make sure we’re giving you the information about privacy and security that you want – let us know what you think. If you have any feedback, questions or concerns, please email us at DPO@corushotels.com
Corus Hotels Ltd
1 Auckland Park